odbc_connection_string_quote

Quotes an ODBC connection string value

string **odbc_connection_string_quote** string $str

Quotes a value for a connection string, according to ODBC rules. That is, it will be surrounded by quotes, and any ending curly braces will be escaped. This should be done for any connection string values that come from user input. Not doing so can lead to issues with parsing the connection string, or values being injected into the connection string.

Note that this function does not check if the string is already quoted, nor if the string needs quoting. For that, call and . odbc_connection_string_is_quoted``odbc_connection_string_should_quote

strThe unquoted string.

A quoted string, surrounded by curly braces, and properly escaped.

Voorbeeld: example

This example quotes a string, then puts it in a connection string. Note that the string is quoted, and the ending quote character in the middle of the string has been escaped.

<?php
$value = odbc_connection_string_quote("foo}bar");
$connection_string = "DSN=PHP;UserValue=$value";
echo $connection_string;
?>

DSN=PHP;UserValue={foo}}bar}

odbc_connection_string_is_quoted``odbc_connection_string_should_quote

Vorige ← odbc_connection_string_is_quoted Volgende odbc_connection_string_should_quote →

odbc_connection_string_quote

odbc_connection_string_quote

Documentatie